{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e36b364e-7793-5b7d-b849-1c7ded418065", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9", "type": "library", "group": "org.apache.tomcat", "name": "tomcat-websocket", "version": "9.0.50-tuxcare.9", "purl": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:52ab8c06-3893-5760-988f-bcf43ec617dd", "id": "CVE-2020-11996", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11996 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:701cf388-19f8-5b72-a847-daefcb0936ad", "id": "CVE-2020-13934", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13934 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:67635013-210c-5ff4-873a-7fc2c9a294c0", "id": "CVE-2020-13943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13943 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:5a71cf90-56ea-5f68-9be3-fc979f6362b9", "id": "CVE-2020-9484", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9484 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8cf46ab3-bdb0-5f62-8fcc-51655ccc2d41", "id": "CVE-2021-24122", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24122 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8f6a87ac-84a2-5d3c-9a4c-577ea7e39017", "id": "CVE-2021-42340", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-42340 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:87390157-ae64-5f95-b980-4659e22a121b", "id": "CVE-2021-43980", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43980 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e987a6a9-05f5-519d-99de-35e4d4d6ccac", "id": "CVE-2022-23181", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-23181 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:6c21a697-2f21-5043-b413-2c1abc874627", "id": "CVE-2022-29885", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-29885 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:62de4f1a-a2c4-5381-baaa-d1929078ee56", "id": "CVE-2022-34305", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-34305 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e1d9f6f4-6f2f-5d17-9a52-0c95cee19f8b", "id": "CVE-2022-42252", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-42252 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:bb444f0a-6aba-5243-ab8a-6b521e57ff69", "id": "CVE-2022-45143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-45143 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e7f50936-790d-5f17-ab14-202839510fa1", "id": "CVE-2023-24998", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-24998 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:b816d1f1-4c81-5dd1-a031-3af1f70aad70", "id": "CVE-2023-28708", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-28708 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:733e8bb0-e8d3-5fe2-9718-f81ac6df085a", "id": "CVE-2023-41080", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41080 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ed7f9bab-4124-5033-8785-e6a9dc95a9ec", "id": "CVE-2023-42795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-42795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:2ea50c25-8451-590c-b21d-ea12247526ca", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:a949541e-b118-5119-a9a1-bde7e5a80ff6", "id": "CVE-2023-45648", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-45648 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:eaeb8d83-125c-551e-952b-5ecf949c751d", "id": "CVE-2023-46589", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-46589 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:077751fb-a0ec-5411-84e6-6eb8ce2399fd", "id": "CVE-2024-23672", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23672 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:346a5279-5f2e-516c-8a2d-d214b3c0d1bb", "id": "CVE-2024-24549", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-24549 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ea9245a7-09c1-5c67-9b09-b659aca67a9e", "id": "CVE-2024-34750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-34750 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e4b2601b-7752-5726-85b8-f2b6fb080d78", "id": "CVE-2024-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38286 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:00a57d63-2f57-52a1-b307-31ecf70fa2e7", "id": "CVE-2024-50379", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-50379 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:87f7a3fa-ef75-5b84-bd35-10c84be262b2", "id": "CVE-2024-52316", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-52316 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:813c2eca-e337-5000-b547-c30f109bb59b", "id": "CVE-2024-54677", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-54677 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e26a0c4f-0cfa-53c7-b53f-dd0af77490af", "id": "CVE-2024-56337", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56337 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:d497b3fa-952d-53d2-9c89-a7d8e5804bf6", "id": "CVE-2025-24813", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24813 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f4d422d6-99f9-56c6-8ce2-a55c31b7a71c", "id": "CVE-2025-31650", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-31650 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f4631362-d0fe-5d50-843e-8566c6a2ece0", "id": "CVE-2025-31651", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31651 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:cbdac36e-179d-5705-bc9f-e8db3d06f44a", "id": "CVE-2025-46701", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-46701 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4545a748-7247-5f5c-ab40-4bd98e2517f9", "id": "CVE-2025-48988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48988 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:4ec11b00-47b5-5851-a7d9-0692be225229", "id": "CVE-2025-48989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48989 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ed4b52f3-eef8-5cdf-80a5-56c72f256020", "id": "CVE-2025-49124", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49124 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:c72c986d-97e3-5b26-94a9-b046d739d22a", "id": "CVE-2025-49125", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-49125 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:897d3bfa-ba87-5b91-b5d2-09b159a6105d", "id": "CVE-2025-52434", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52434 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:fbbc8308-da2f-5e0b-bbb8-272bdcf0bc35", "id": "CVE-2025-52520", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-52520 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e5053468-5f29-5e11-acfb-8306961fc64c", "id": "CVE-2025-53506", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-53506 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:04c491fc-58c6-5ae2-973f-e84bc5ba8ad1", "id": "CVE-2025-55668", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55668 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:60ee55d0-d31a-5a2d-ac13-a9733f03dfab", "id": "CVE-2025-55752", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55752 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:dec38b93-e6c0-583d-95a2-5a93f0738c89", "id": "CVE-2025-55754", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55754 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:ae2dd7fd-1486-511a-9137-b8fc46630e2e", "id": "CVE-2025-61795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-61795 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:8aa3d6c3-4319-5e8b-8e73-89e190886b22", "id": "CVE-2025-66614", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66614 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:bec6fb3b-2a4a-53a4-b8e8-c5effcd6d7c2", "id": "CVE-2026-24733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-24733 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:1fd9e9c1-924f-54f2-b322-a74a3ce9383e", "id": "CVE-2026-24880", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-24880 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e6960b61-9ad3-5739-85ec-b088f5ba1165", "id": "CVE-2026-25854", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-25854 is fixed in version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:e54de761-9537-5f62-b392-71c5bb552a50", "id": "CVE-2026-29146", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-29146 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:13929be8-efa0-5a2a-9f18-b9c94ff3a3f9", "id": "CVE-2026-32990", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-32990 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:f2a75dd0-0ed9-5d7c-be94-5f99b988fc60", "id": "CVE-2026-34483", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34483 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:10206046-9abf-5eaf-ab93-5f9b5ec17d7b", "id": "CVE-2026-34486", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34486 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }, { "bom-ref": "urn:uuid:5b383560-12a7-5a27-a62d-7f156c473934", "id": "CVE-2026-34487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-34487 affects version 9.0.50-tuxcare.9 of org.apache.tomcat:tomcat-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.50-tuxcare.9" } ] }